CONTACT US
Third Party Risk Management - Consultancy, Assessment & Advisory

New Automated Index Calculates Supply Chain Ransomware Susceptibility

The Ransomware Susceptibility Index analyses technical and financial data to determine likelihood of ransomware attacks on third-parties, vendors and business partners.

Black Kite, DVV Solutions cybersecurity ratings partner, today released the first automated ransomware service that assesses the likelihood of a ransomware attack on organisations and their vendors, suppliers, and business partners. The Ransomware Susceptibility Index (RSI) enables companies to gauge the ransomware attack risk of any vendor within minutes.

Ransomware was the most common cyber threat to organisations in 2020. An attack on a company creates significant cyber risk to any organisation it does business with. Companies must continuously monitor vendors and trading partners within their supply chains to maintain a real-time assessment of the potential for ransomware attacks.

The RSI inspects, transforms, and models data collected from various open-source intelligence (OSINT) sources and leverages machine learning to approximate ransomware risk.  The susceptibility scale ranges from 0.0 (lowest likelihood of attack) to 1.0 (highest likelihood of attack). The patent-pending RSI examines 26 unique controls to calculate index approximations. Black Kite provides all calculation formulas for full transparency.

“Ransomware attacks have proven to be debilitating and costly to both companies and governments,” said Bob Maley, Chief Security Officer of Black Kite. “We know that there are tell-tale indicators that a company is more attractive to ransomware attackers. For the first time, the RSI gives organisations warning about the ransomware susceptibility of all companies within their supply chain.”

The RSI enables organisations to deploy a three-pronged approach to proactive ransomware protections:

  1. Understand which vendors are most prone to ransomware and calculate event susceptibility within minutes.
  2. Develop an effective course of action for remediation by cross-correlating with Black Kite’s Cyber Risk Assessment findings.
  3. Avoid production, reputation, and financial losses by using reliable data to develop more informed policies.

You’re Only As Strong As Your Weakest Link

There’s never been a more vital time to ensure the security of your organisation and the cyber supply chain you rely on. DVV Solutions are here to help with a range of managed services and solutions proven to improve your ability to assess, analyse and manage more cybersecurity and third-party risk domains.

For more information on enhancing your cybersecurity oversight:

Call Us+44 (0) 161 476 8700

Contact Us: Complete our Contact Form, or

Learn more about What We Do

About Black Kite

Black Kite is the only cyber risk rating platform focused on alerting your business to third-party risks. Built on the latest cloud technology to automate scalability, risk assessment times are reduced from weeks to hours. In addition to an easy-to-understand letter grade rating system, Black Kite is the only SRS tool to quantify risk using Open FAIR, communicating risk in business terms executives understand. Unlike other cyber rating products, there’s no “secret sauce.” Every third-party cyber risk assessment is standards-based and fully transparent so that all users not only trust their data, but they know how to manage it. Every day Black Kite pushes towards one common mission: to build the most trustworthy cyber rating system in the world.